Interim Cyber Security Response Manager

Interim Cyber Security Response Manager

Location: Crawley
Reporting to: Head of Cyber Security and Technology Risk

Overview:

An interim Cyber Security Response Manager is required to lead the day-to-day operations and strategic enhancement of a growing Cyber Security Response team. This role is crucial in protecting network systems and customer data against evolving cyber threats through advanced monitoring, proactive threat hunting, and incident response leadership.

The ideal candidate is a transformational leader who thrives on developing high-performing teams, driving automation, and building resilient security operations in complex environments.

Key Responsibilities:

• Lead and develop a Cyber Security Response team of circa 8 staff, plus third-party MSSP resources.
• Oversee cyber event monitoring, incident response, and proactive threat hunting activities.
• Maintain and improve cyber incident response plans, playbooks, and simulation exercises.
• Manage cyber security tooling including SIEM, SOAR, EDR, and DLP platforms.
• Drive automation of security operations through SOAR solutions and operational playbooks.
• Produce clear cyber risk metrics and reports for technical and business audiences.
• Act as a trusted advisor to internal stakeholders, suppliers, and leadership teams.
• Deputise for the Head of Cyber Security and Technology Risk as needed.
• Lead, mentor, and expand a Security Operations Centre (SOC) team.

Skills & Experience:

• 5+ years managing Cyber Security Operations or Incident Response teams.
• Bachelor’s degree in Cybersecurity, Information Systems, or equivalent experience.
• Certifications such as GIAC/GCIA/GCIH, CISSP, or CASP+.
• Hands-on experience with SIEM, SOAR, EDR, NAC, DLP, and related technologies.
• Strong working knowledge of cyber security frameworks (e.g., NCSC CAF, ISO 27001, GDPR).
• Familiarity with adversary TTPs and frameworks like MITRE ATT&CK.
• Experience managing third-party MSSPs and operating in regulated industries (CNI or Energy preferred).
• Knowledge of Operational Technology (OT) environments including ICS and SCADA is desirable.

Additional Information:

• Budget responsibility of £1–3 million.
• Role covers both day-to-day team leadership and strategic cyber capability development.
• Opportunity to shape and mature a cyber resilience program through innovation, metrics, and continuous improvement.

Ideal Candidate:

• Experience leading SOC teams, ideally with a track record of building or significantly scaling one.
• Energetic, collaborative, and positive, with strong leadership and communication skills.
• Brings operational security experience from high-pressure, regulated or safety-critical environments.
• Prefer background in critical national infrastructure or utilities
• Prefer experience deploying ServiceNow SIR and Sentinel